package com.aaa.security;


import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import org.springframework.web.filter.CorsFilter;

@Configuration
public class CrosConfig {

    //跨域拦截器
    @Bean
    public CorsFilter corsFilter(){
        //跨域配置
        CorsConfiguration corsConfiguration = new CorsConfiguration();
        //允许的请求方式："get","post","delete"
        corsConfiguration.addAllowedMethod("*");
        //允许的域名: vue http://localhost:8014
        //corsConfiguration.addAllowedOrigin("http://localhost:8014");
        corsConfiguration.addAllowedOriginPattern("*");
        //请求头
        corsConfiguration.addAllowedHeader("*");
        //携带凭证
        corsConfiguration.setAllowCredentials(true);

        //基于请求地址URL的跨域配置源
        UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource = new UrlBasedCorsConfigurationSource();
        //   /**:所有URL地址
        urlBasedCorsConfigurationSource.registerCorsConfiguration("/**",corsConfiguration);
        return new CorsFilter(urlBasedCorsConfigurationSource);
    }
}
